Healthcare Technology Featured Article

Healthcare Messaging Overwhelmingly Out of Sync with Industry Regulations

Infinite Convergence Solutions, a developer of messaging and mobility software for enterprises, recently announced the results of its latest research regarding messaging in the healthcare market.

The 2015 study, “Mobile Messaging for Healthcare Institutions,” surveyed 500 professionals in the finance, healthcare, retail, and legal markets. Concerning the practices of those individuals in healthcare, Infinite found that only eight percent of such institutions prohibit the use of consumer applications for discussion between employees. Furthermore, it found that only one in four institutions with “official” messaging platforms recommend using an internal app (not off-the-shelf programs such as Skype or WhatsApp).

If this sounds like a potential breach of consumer data and privacy protections, that’s because it is. Anurag Lal, the CEO of Infinite, confirmed the notion that these types of practices do not fall in line with regulations such as the Health Insurance Portability and Accountability Act.

“The global healthcare industry is under strict privacy and security regulations to protect patient information, but our study finds that the vast majority of healthcare institutions are not using mobile messaging services that are compliant with these regulations,” Lal said. “Healthcare employees communicate inherently sensitive information, like patient prescriptions, medical information, etc., yet their employers do not have the proper mobile messaging security infrastructure in place to adhere to HIPAA or other regulatory requirements.”

It is possible that TMC readers, including those here now, have read about HIPAA and the effort many companies are making to create secure messaging applications. Those such as the aptly-named HipaaChat have arrived as conduits of both text messaging and video. They can offer the ease of use of many consumer applications but with added protections to make sure healthcare professionals remain in line with regulations and to make sure patient information remains safe.

The use of consumer applications for that same task comes across as nothing but a fool’s errand. Those methods of communication to not intend to comply with HIPAA because they were never meant for that purpose. This is, according to the Infinite study, not entirely the fault of practitioners. Many healthcare facilities do not offer dedicated applications and, referring back to the previously-mentioned statistic, some almost do one better by referring employees to consumer apps. More than 90 percent of employees said that, given the option to use a secure, employer-sanctioned app, they would commit to its use.

These employees say they use mobile apps for communication at least a few times each week. Given the size of major hospitals and number of medical facilities in operations, even “a few times per week” can result in a lot of insecure texts.